Yup, that's de Beers at work: if you're permitted a quota from de Beers you're not allowed to deal in stones not from them, and you can't deal with anyone else who doesn't play by the de Beers rules. For the full details of how much they've got this sewn up, read "The Last Empire" which, despite being nearly 30 years old, is still valid today.
In addition, I've been seeing this "synthetic stones will change everything and kill the de Beers monopoly" since at least the 1980s (The Last Empire covers it too, from the mid-1990s). If they were going to kill de Beers they would have done so by now.
Apart from the y'all-watch-this factor, security-wise it seems it'd be more useful to have a completely different, randomised build each time so attackers can't target a monoculture binary image.
In terms of "you can use it to verify source to binary equivalence", you're already relying entirely on trusting the developers to not do anything malicious, so what advantage is there to a reproducible build vs. downloading a signed binary? And for it to work you need signed source code and a signed attestation that when built the code has hash value X, which is just a really clunky way to do a signed binary.
What attack is this preventing that manifests and signed binaries, as used by every package manager ever for years, don't?
While there has been no evidence made public that Chinese government officials have accessed Americans' information through TikTok, the idea that China has the theoretical ability to weaponize an app used by half of America has been enough to set off an all-out crackdown.
As opposed to the US services where we know the USG has been accessing the information, over and over again. Heck, they just renewed a law saying that's exactly what they're doing. But hey, bread and circuses, look at the yellow bogeymen over there and pay no attention to what your own government agencies are busy doing.
The nation that controls magnetism controls the universe. -- Chester Gould/Dick Tracy